CHAPTER 37
A Pseudo–shadow File

Some environments do not use a shadow file for maintaining passwords. These environments keep encrypted passwords in either a local passwd file or one that is handled through NIS. I have seen this mode of operation in several versions of HP-UX and NIS. NIS can support using a shadow file, but not all NIS clients have this capability.

The script in this chapter, which is intended to be run daily, creates and maintains a pseudo–shadow file to track the age of user passwords and their change history. The script does not, however, remove the encrypted password from the already-existing passwd file.

I intend this contrived shadow-file generator to be run in conjunction with the password-aging script in Chapter 36. The script in that chapter relies on information contained in a shadow file to determine the date of the last password change.